john at wunderlich.ca
Wed Jan 18 08:40:21 CST 2017
It certainly looks like an interesting challenge and I agree that work
needs to be done to encourage data controllers to do better in both
visibility and clarity of privacy notices and public-facing privacy
policies for data collection. That being said, I don't think it's quite
right for this WG or Kantara.
Neither notices nor policies are user controlled instruments. No matter how
clear or visible a privacy notice is, it still clearly and visibly gives
the user a 'take it or leave it' choice. That may align with user autonomy
and real choices in markets where there are multiple vendors with different
privacy policies on offer, but I don't think that that situation is what is
on offer in the space that HHS is addressing. On the web, network or market
effects usually push most users to a single or limited number of suppliers
whose policies will tend to converge and remove choice. In physical space,
it's even more clear. If you want to come to our clinic/space/event you
MUST accept our terms.
If the challenge would allow us to put forward user submitted terms, UMA or
other mechanisms that address the power and choice differential between the
data subject and the data controller, then it seems to me that it would
provide the opportunity for a more Kantara aligned submission.
John Wunderlich, BA, MBA
IAPP Fellow of Information Privacy
CISA, CIPM, CIPP/C, PbD Ambassador
@PrivacyCDN <https://twitter.com/PrivacyCDN> & Privacist
On 18 January 2017 at 04:30, Mark <mark at smartspecies.com> wrote:
> Hello Everyone,
> This challenge might be of interest to us in the work group … and perhaps
> a task the work group can collaborate on?
> As well there is a nice little event in Valencia as well
> IFF2017 <https://internetfreedomfestival.org/> in case you will attend
> the event in Valencia.
> - Mark
> Begin forwarded message:
> *From: *Lorrie Faith Cranor <lorrie at cs.cmu.edu>
> *Date: *07 gennaio 2017 22:49:42 CET
> *To: *cups mailing list <cups at cups.cs.cmu.edu>
> *Cc: *<cups-friends at cups.cs.cmu.edu>
> developers, and health data privacy experts to create an online Model
> Privacy Notice (MPN) generator. The MPN is a voluntary, openly available
> resource designed to help health technology developers who collect digital
> health data clearly convey information about their privacy and security
> policies to their users. Similar to a nutrition facts label, the MPN
> provides a snapshot of a product’s existing privacy practices, encouraging
> transparency and helping consumers make informed choices when selecting
> products. The MPN does not mandate specific policies or substitute for more
> comprehensive or detailed privacy policies.
> Prizes: $20K first place, $10k second place, $5k third place
> Deadline: April 10, 2017
> For more info:
> Cups-friends mailing list
> Cups-friends at mailman.srv.cs.cmu.edu
> WG-InfoSharing mailing list
> WG-InfoSharing at kantarainitiative.org
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
This message contains confidential information and is intended only for the
individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any
action in reliance on the contents of this information is strictly
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WG-InfoSharing